You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@geronimo.apache.org by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org> on 2007/11/24 15:36:43 UTC
[jira] Created: (GERONIMO-3628) Review
GeronimoPasswordCredentialLoginModule
Review GeronimoPasswordCredentialLoginModule
--------------------------------------------
Key: GERONIMO-3628
URL: https://issues.apache.org/jira/browse/GERONIMO-3628
Project: Geronimo
Issue Type: Task
Security Level: public (Regular issues)
Components: security
Affects Versions: 2.0.x, 2.1
Reporter: Vamsavardhana Reddy
Assignee: Vamsavardhana Reddy
Fix For: 2.0.x, 2.1
Review GeronimoPasswordCredentialLoginModule for potential violations and security risks.
o LoginModule should remove/destroy credentials from subject upon logout.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-3628) Review
GeronimoPasswordCredentialLoginModule
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3628?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12545178 ]
Vamsavardhana Reddy commented on GERONIMO-3628:
-----------------------------------------------
Completed: At revision: 597856
o Logging
> Review GeronimoPasswordCredentialLoginModule
> --------------------------------------------
>
> Key: GERONIMO-3628
> URL: https://issues.apache.org/jira/browse/GERONIMO-3628
> Project: Geronimo
> Issue Type: Task
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0.x, 2.1
> Reporter: Vamsavardhana Reddy
> Assignee: Vamsavardhana Reddy
> Fix For: 2.0.x, 2.1
>
>
> Review GeronimoPasswordCredentialLoginModule for potential violations and security risks.
> o LoginModule should remove/destroy credentials from subject upon logout.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Commented: (GERONIMO-3628) Review
GeronimoPasswordCredentialLoginModule
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3628?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12545176 ]
Vamsavardhana Reddy commented on GERONIMO-3628:
-----------------------------------------------
Completed: At revision: 597853 http://svn.apache.org/viewvc?rev=597853&view=rev
o logout() should remove credentials from the subject.
o logout() should destroy credentials when the subject is read-only.
o Changes to bring GeronimoPasswordCredentialLoginModule in line with http://java.sun.com/j2se/1.5.0/docs/guide/security/jaas/JAASLMDevGuide.html
**: This commit can use a thorough review.
> Review GeronimoPasswordCredentialLoginModule
> --------------------------------------------
>
> Key: GERONIMO-3628
> URL: https://issues.apache.org/jira/browse/GERONIMO-3628
> Project: Geronimo
> Issue Type: Task
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0.x, 2.1
> Reporter: Vamsavardhana Reddy
> Assignee: Vamsavardhana Reddy
> Fix For: 2.0.x, 2.1
>
>
> Review GeronimoPasswordCredentialLoginModule for potential violations and security risks.
> o LoginModule should remove/destroy credentials from subject upon logout.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (GERONIMO-3628) Review
GeronimoPasswordCredentialLoginModule
Posted by "Joe Bohn (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3628?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Joe Bohn updated GERONIMO-3628:
-------------------------------
Affects Version/s: (was: 2.0.x)
2.0.2
Fix Version/s: (was: 2.0.x)
2.0.3
> Review GeronimoPasswordCredentialLoginModule
> --------------------------------------------
>
> Key: GERONIMO-3628
> URL: https://issues.apache.org/jira/browse/GERONIMO-3628
> Project: Geronimo
> Issue Type: Task
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0.2, 2.1
> Reporter: Vamsavardhana Reddy
> Assignee: Vamsavardhana Reddy
> Fix For: 2.0.3, 2.1
>
>
> Review GeronimoPasswordCredentialLoginModule for potential violations and security risks.
> o LoginModule should remove/destroy credentials from subject upon logout.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Closed: (GERONIMO-3628) Review
GeronimoPasswordCredentialLoginModule
Posted by "Vamsavardhana Reddy (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/GERONIMO-3628?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Vamsavardhana Reddy closed GERONIMO-3628.
-----------------------------------------
Resolution: Fixed
> Review GeronimoPasswordCredentialLoginModule
> --------------------------------------------
>
> Key: GERONIMO-3628
> URL: https://issues.apache.org/jira/browse/GERONIMO-3628
> Project: Geronimo
> Issue Type: Task
> Security Level: public(Regular issues)
> Components: security
> Affects Versions: 2.0.x, 2.1
> Reporter: Vamsavardhana Reddy
> Assignee: Vamsavardhana Reddy
> Fix For: 2.0.x, 2.1
>
>
> Review GeronimoPasswordCredentialLoginModule for potential violations and security risks.
> o LoginModule should remove/destroy credentials from subject upon logout.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.